1. Field of the Invention
This invention relates generally to the detection of fraudulent use of customer accounts and account numbers, including for example credit card transactions. In particular, the invention relates to an automated fraud detection system and method that uses predictive modeling to perform pattern recognition and classification in order to isolate transactions having high probabilities of fraud.
2. Description of the Related Art
In the following discussion, the term "credit card" will be used for illustrative purposes; however, the techniques and principles discussed herein apply to other types of customer accounts, such as charge cards, bank automated teller machine cards and telephone calling cards.
Credit card issuers conventionally attempt to limit fraud losses by immediately closing a customer's account upon receiving a report that the card has been lost or stolen. Typically, the customer's credit information is then transferred to a new account and a new card is issued. This procedure is only effective in limiting fraudulent use of lost or stolen cards after the loss or theft has been reported to the issuer.
In many cases, however, fraudulent use occurs without the knowledge of the cardholder, and therefore no report is made to the issuer. This may occur if the customer is unaware that the card has been lost or stolen, or if other techniques are employed to perpetrate the fraud, such as: use of counterfeit cards; merchant fraud; application fraud; or interception of credit cards in the mail. In all these situations, the fraudulent use may not be detected until (and unless) the cardholder notices an unfamiliar transaction on his or her next monthly statement and contests the corresponding charge. The concomitant delay in detection of fraud may result in significant losses. User fraud, in which the user claims that a valid transaction is invalid, is also possible.
Issuers of credit cards have sought to limit fraud losses by attempting to detect fraudulent use before the cardholder has reported a lost or stolen card. One conventional technique is known as parameter analysis. A parameter analysis fraud detection scheme makes a decision using a small number of database fields combined in a simple Boolean condition. An example of such a condition is:
if (number of transactions in 24 hours &gt;X) and (more than Y dollars authorized) then flag this account as high risk
Parameter analysis will provide the values of X and Y that satisfy either the required detection rate or the required false positive rate. In a hypothetical example, parameter values of X=400 and Y=1000 might capture 20% of the frauds with a false positive rate of 200:1, while X=6 and Y=2000 might capture 8% of the frauds with a false positive rate of 20:1.
The rules that parameter analysis provides are easily implemented in a database management system, as they are restricted to Boolean (e.g., and, or) combinations of conditions on single variables.
Parameter analysis derives rules by examining the single variables most able to distinguish fraudulent from non-fraudulent behavior. Since only single-variable threshold comparisons are used, complex interactions among variables are not captured. This is a limitation that could cause the system to discriminate poorly between fraudulent and valid account behavior, resulting in low capture rates and high false-positive rates.
Additionally, an effective fraud detection model generally requires more variables than conventional parameter analysis systems can handle. Furthermore, in order to capture new fraud schemes, parameter analysis systems must be redeveloped often, and automated redevelopment is difficult to implement.
It is desirable, therefore, to have an automated system that uses available information regarding cardholders, merchants, and transactions to screen transactions and isolate those which are likely to be fraudulent, and which captures a relatively high proportion of frauds while maintaining a relatively low false-positive rate. Preferably, such a system should be able to handle a large number of interdependent variables, and should have capability for re-development of the underlying system model as new patterns of fraudulent behavior emerge.